---
title: >-
  Ensure that Azure Databricks is deployed in a customer-managed virtual network
  (VNet)
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Ensure that Azure Databricks is
  deployed in a customer-managed virtual network (VNet)
---

# Ensure that Azure Databricks is deployed in a customer-managed virtual network (VNet)
 
## Description{% #description %}

Ensure that Azure Databricks workspaces are deployed in a customer-managed virtual network (VNet) to provide enhanced security and isolation.

## Remediation{% #remediation %}

1. Go to **Azure Databricks** > select workspace > **Advanced Settings**
1. Configure **Virtual network injection** with custom VNet settings:
   - Custom Virtual Network ID
   - Custom Public Subnet Name
   - Custom Private Subnet Name

```bash
az databricks workspace create \
  --resource-group <resource-group-name> \
  --name <workspace-name> \
  --location <location> \
  --custom-virtual-network-id <vnet-resource-id> \
  --custom-public-subnet-name <public-subnet-name> \
  --custom-private-subnet-name <private-subnet-name>
```

## References{% #references %}

1. [Azure Databricks VNet injection](https://docs.microsoft.com/azure/databricks/administration-guide/cloud-configurations/azure/vnet-inject)
1. [Deploy Azure Databricks in your virtual network](https://docs.microsoft.com/azure/databricks/administration-guide/cloud-configurations/azure/vnet-inject)